Carl Bergenhem

Carl Bergenhem
Qamcom · Functional Safety Division

Teknologie Licentiate

About

53
Publications
27,134
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
603
Citations
Additional affiliations
October 2012 - present
Qamcom
Position
  • Senior Researcher
October 2012 - March 2020
Qamcom
Position
  • Expert in Functional Safety, ITS and V2V-communication
January 2008 - September 2012

Publications

Publications (53)
Article
Full-text available
Emerging precision agriculture techniques rely on the frequent collection of high-quality data which can be acquired efficiently by unmanned aerial systems (UAS). The main obstacle for wider adoption of this technology is related to UAS operational costs. The path forward requires a high degree of autonomy and integration of the UAS and other cyber...
Conference Paper
Full-text available
More effective, efficient and flexible ways to manage safety assurance are needed for the successful development and release of Automated Driving Systems (ADSs). In this paper we propose a set of desired assurance method criteria and present an initial overview of available safety assurance methods and how they contribute to the proposed criteria....
Chapter
With the advent of automated cooperative systems, new challenges are raised with respect to fulfilling safety. This paper presents a novel approach in analysing and assessment of the risks for such systems. Moreover, a distributed conceptual architecture is proposed and discussed. This architecture features separated layers of concern for strategic...
Conference Paper
Full-text available
One major challenge designing vehicles with automated driving systems (ADS) at SAE Level 4 and 5 is the deduction of technical requirements for the perception system given a set of safety requirements. For example, the safety requirements can only be fulfilled by redundancy in the sensor hardware. It is however difficult to specify the amount of re...
Article
The automotive domain is rapidly changing in the last years. Among the different challenges OEMs (i.e. the vehicle manufacturers) are facing, vehicles are evolving into systems of systems. In fact, over the last years vehicles have evolved from disconnected and “blind” systems to systems that are (i) able to sense the surrounding environment and (i...
Technical Report
This paper outlines a business model for selling safety-related components. The goal is protection of the suppliers' intellectual property whilst providing confidence, to the customer, that the component is safe. The ideas in this paper are based on the Safety Element out of Context-concept as given in ISO 26262. To this we add ideas from IEC 61508...
Preprint
Full-text available
This paper outlines a business model for selling safety-related components. The goal is protection of the suppliers' intellectual property whilst providing confidence, to the customer, that the component is safe. The ideas in this paper are based on the Safety Element out of Context-concept as given in ISO 26262. To this we add ideas from IEC 61508...
Data
Four vehicle platooning with trucks Test8AP5 LVtoFVx Left Antennas
Chapter
Full-text available
In this paper, we present a general methodology to estimate safety related parameter values of cooperative cyber-physical system-of-systems. As a case study, we consider a vehicle platoon model equipped with a novel distributed protocol for coordinated emergency braking. The estimation methodology is based on learning-based testing; which is an app...
Conference Paper
Full-text available
In this paper, we present a general methodology to estimate safety related parameter values of cooperative cyber-physical system-of-systems. As a case study, we consider a vehicle platoon model equipped with a novel distributed protocol for coordinated emergency braking. The estimation methodology is based on learning-based testing; which is an app...
Chapter
The presented paper presents the ongoing Swedish national research project FUSE (FUnctional Safety and Evolvable architectures for autonomy). Some of the research questions addressed in this project are summarized. The research questions are related both to functional safety and the E/E architecture of vehicles aimed for higher degrees of automatio...
Conference Paper
When arguing safety for an autonomous road vehicle it is considered very hard to show that the sensing capability is sufficient for all possible scenarios that might occur. Already for today’s manually driven road vehicles equipped with advanced driver assistance systems (ADAS), it is far from trivial how to argue that the sensor systems are suffic...
Conference Paper
Future transportation systems will be a heterogeneous mix of items with varying connectivity and interoperability. A mix of new technologies and legacy systems will co-exist to realize a variety of scenarios involving not only connected cars but also road infrastructures, pedestrians, cyclists, etc. Future transportation systems can be seen as a Sy...
Chapter
The presented paper presents the ongoing Swedish national research project FUSE (FUnctional Safety and Evolvable architectures for autonomy). Some of the research questions addressed in this project are summarized. The research questions are related both to functional safety and the E/E architecture of vehicles aimed for higher degrees of automatio...
Conference Paper
This paper gives results from Vehicle-to-Vehicle (V2V) communication field tests in a platoon consisting of four trucks. During these tests it was assumed that large vehicles such as trucks need multiple antennas to overcome shadowing and obstruction caused by the vehicle itself, trailers and other trucks in the platoon. Therefore, in the experimen...
Article
Full-text available
The introduction of highly automated driving and autonomous road vehicles will imply new functional safety challenges. The higher complexity and the partly implicit definition of the tasks for the E/E systems will make it harder to argue completeness and correctness of the safety requirements in each phase of the ISO 26262 lifecycle. This paper dis...
Conference Paper
This paper presents results from measurements on Vehicle to Vehicle (V2V) communication between participants in a cooperative application: vehicle platooning. The platoon being studied consists of four vehicles; one truck in the lead and three passenger cars following. The V2V-communication node in each vehicle contains an 802.11p radio tuned to 5....
Conference Paper
Full-text available
This paper presents measurements on Vehicle to Vehicle (V2V) communication between participants in a platooning application. Platooning, according to the SARTRE concept, implies several vehicles travelling together in tight formation, with a manually driven heavy lead vehicle. The platoon being studied consists of five vehicles; two trucks in the l...
Conference Paper
Full-text available
This paper investigates what challenges arise when extending the scope of functional safety for road vehicles to also include cooperative systems. Two generic alternatives are presented and compared with one another. The first alternative is to use a vehicle centric perspective as is the case in the traditional interpretation of ISO 26262 today. He...
Article
Full-text available
This paper describes a vehicle-to-vehicle (V2V) communication system that is developed in the SARTRE project The project vision is to develop and integrate technology that enables vehicles to drive in platoons. SARTRE defines a platoon (or road train) as a collection of vehicles where a manually driven heavy lead vehicle is followed by several auto...
Conference Paper
Full-text available
With the introduction of the automotive functional safety standard ISO 26262, several challenges related to the representation of dependability information has emerged. This paper addresses how safety requirements can be formalized; which is mandatory for high-integrity requirements. Particular focus is given to asymmetric failures. Such a failure...
Conference Paper
Full-text available
This paper presents results from field measurements on a vehicle-to-vehicle communication system based on IEEE 802.11p. During the measurements the vehicles were moving and there were also moving obstacles located between the transmitting and receiving nodes creating a Non-Line-of-Sight environment. Distance, speed and type of obstacles were varied...
Conference Paper
This paper presents a status protocol for a fault-tolerant distributed real-time system. The protocol aims to give all nodes a consistent view of the status of processing operations during one communication cycle; despite the occurrence of asymmetric omission failures. The system consists of nodes interconnected with a time-triggered network. A par...
Conference Paper
Full-text available
This paper presents an overview of current projects that deal with vehicle platooning. The platooning concept can be defined as a collection of vehicles that travel together, actively coordinated in formation. Some expected advantages of platooning include increased fuel and traffic efficiency, safety and driver comfort. There are many variations o...
Conference Paper
Full-text available
This paper describes a vehicle-to-vehicle (V2V) communication system that is developed in the SARTRE project. The project vision is to develop and integrate technology that enables vehicles to drive in platoons. SARTRE defines a platoon (or road train) as a collection of vehicles where a manually driven heavy lead vehicle is followed by several aut...
Technical Report
Full-text available
This report presents a system model for a class of distributed real-time systems. The goal is to assist the design of fault tolerance protocols such as membership agreement. The system model contains a failure model that describes the failures that can plausibly occur in the system. These failures can then be addressed by the fault tolerance protoc...
Conference Paper
This paper describes a health status protocol for distributed real-time systems that use TTCAN, Flexray, or other networks which support both time-triggered and event-triggered communication. The protocol allows a group of co-operating processes to establish a consistent view of each other¿s health status over time. It extends the instantaneous vie...
Conference Paper
This paper presents an environment for fault injection based testing of protocols that implement fault tolerance and redundancy management in safety-critical distributed realtime systems. Building confidence in the correctness of distributed protocols is an intrinsically difficult problem that requires the use of complementary testing and verificat...
Conference Paper
This paper describes a process group membership protocol for distributed real-time systems, that use a communication network which supports both time-triggered (TT) and event-triggered (ET) communication. The protocol allows a group of cooperating real-time processes to establish a consistent view of each other's operational status, i.e. working co...
Article
Full-text available
This article describes a configurable membership service. The function of a membership service is to give nodes in a cluster a consistent view of the status of entities in the system. An entity is a process in a node that manifests itself with a static communications slot. The mapping of processes to entities is done off-line. The service functions...
Conference Paper
Full-text available
This paper describes a process membership protocol for distributed real-time systems that use both time-triggered and event-triggered message passing for communication between its processing nodes (ECUs). TTCAN and FlexRay are examples of communication networks that support such systems. The membership protocol supports redundancy management in arc...
Conference Paper
This paper describes a configurable membership protocol for distributed tasks in time-triggered systems that combine static and dynamic messages such as TTCAN or Flexray. The units of membership are processes in nodes that send messages in static communication slots. The objective is to give nodes a consistent view of the status of processes in the...
Conference Paper
The paper presents results of simulations done with the CCR-EDF (Control Channel based Ring network with EDF scheduling) pipelined ring network together with a case study of system area networks for radar signal processing. The topology of the network is a pipelined unidirectional fibre-ribbon ring that supports several simultaneous transmissions i...
Article
Full-text available
To be able to verify the feasibility of high-performance networks, it is essential to evaluate them according to specific application requirements. At the same time, specifications of quite general, or understandable, application requirements are needed for the ability to make repeated analyses on different networks. Especially, heterogeneous real-...
Conference Paper
Full-text available
This paper introduces a novel, fair medium access protocol for a pipelined optical ring network. The protocol provides global deadline scheduling of packets. Requests for sending packets are sent by the nodes in the network to a master node. The master uses the deadline information in the requests to determine which packet is most urgent. Arbitrati...
Article
Full-text available
In this paper, three ring networks made up of fiber-ribbon point-to-point links are presented. The first network is a control-channel based network in which one fiber in each link joins with others to form a control-channel ring. This ring improves performance of the network by sending medium access control information immediately before the data t...
Article
Full-text available
In this paper, we present how real-time services are implemented in a control-channel based ring network built up of fiber-ribbon point-to-point links. Services for best effort messages, guarantee seeking messages and real-time virtual channels are supported for single destination, multicast and broadcast transmission by the network. Slot-reservati...
Article
Full-text available
Road-trains or platoons present a significant opportunity to both improve traffic efficiency and to improve the efficiency and safety of vehicles within the platoon. However, for platoons to be viable there should be minimal impact on supporting infrastructure which implies that platoons will operate on unmodified public motorways. The European Com...
Article
Full-text available
This technical report describes the problems associated with analysis of a spatial reuse ring network with a clock strategy also used in previously studied ring networks. The aim for the analysis was to find the worst case deterministic throughput. Some results are achieved and are presented. A worst case bound is found and this can be used for ana...
Article
Full-text available
This paper presents work on a switched Ethernet network extended to allow for earliest deadline first (EDF) scheduling. We show by example that asymmetric deadline partitioning between the links of a real-time channel can increase the utilization substantially, still not violating the real-time guarantees. We also report measurements on a software...
Article
Today, CAN is the most common communication principle used in the automotive area; the main reason being that it is cost efficient. However, is it still possible to use CAN, with its limitations, in the large number of emerging safety-critical applications? Is it possible to achieve cost efficient systems without sacrificing dependability? Is it po...
Article
Full-text available
This paper presents a fiber-optic ring network with support for heterogeneous real-time communication. The CCR-EDF (Control Channel Ring network with Earliest Deadline First scheduling) network is an optical fibre-ribbon pipelined ring network with a separate channel for network arbitration. The medium access protocol, that uses the control channel...

Questions

Question (1)
Question
An insulated hot water storage tank contains a volume V of water at an initial temperature T.
Is there a simple model for how this cools and stratifies over time and assuming a certain loss of heat?
Any directions for further understanding would be most helpful. 

Projects

Projects (7)
Project
Connected automated vehicles (CAV) are expected to be able to provide more efficient, accessible and safer transport solutions, but the development of such complex safety-critical systems is a challenge. SALIENCE4CAV is a research project with the goal of developing methods for safety assurance for CAVs that can be part of an iterative development process supporting continuous deployment. This enables easier introduction of new automated functions to the market, where the function can initially support only a few key use cases, followed by gradual development of performance and number of use cases.
Archived project
The ESPLANADE project targeted the complex question of showing that an autonomous road vehicle is safe. This problem is significantly different from safety argumentation for manually driven vehicles. Since the automated driving system (ADS) has complete control of the vehicle in autonomous mode, part of its function must be to drive safely. There are a number of methodological problems that need to be mastered in order to find out how to perform safety argumentation for the ADS. The scope of this project was to provide solutions to these problems.
Archived project